Technology
Flaw let hackers spy on—and even alter—data sent via Bluetooth
Say it with me: Bluetooth is not your friend.
It turns out that the frustratingly buggy way to pair speakers, printers, and numerous other third-party devices with your smartphone or computer can’t keep a secret. Security researchers this week announced a major vulnerability in the Bluetooth specification that allows hackers to not only listen in on the data being sent between two devices, but clandestinely alter it as well.
“[An] attacker is able to the listen in on, or change the content of, nearby Bluetooth communication, even between devices that have previously been successfully paired,” the researchers explain.
Dubbed the KNOB attack, the vulnerability affected every single standard-compliant Bluetooth device tested by a group consisting of security researchers from the Singapore University of Technology and Design, University of Oxford, and CISPA Helmholtz Center for Information Security. And yes, that means chips made by Broadcom, Qualcomm, Apple, Intel, and Chicony were all vulnerable.
Importantly, this doesn’t mean that anyone, anywhere, with malicious intent can listen in on your AirPod-enabled phone conversations or alter your AirDrop data transfer. For starters, this vulnerability does not apply to Bluetooth Low Energy (BLE) devices like AirPods. Instead, it covers Bluetooth BR/EDR. Also, the attacker would have to be physically near you in order to pull this off — a fact that provides some consolation until you think about all the times you use Bluetooth while in public places.
There is some more good news. The researchers who discovered this vulnerability also responsibly disclosed it to manufacturers. And hey, some of those manufacturers even did something about it.
Apple, for example, issued a patch in late July for iOS, macOS, and watchOS. Microsoft, Cisco, Google, and Blackberry also all issued various patches.
That’s the good news. The bad? Well, you need to have actually installed the patches for the fix to take effect.
So go ahead and make sure your phone, computer, and any other Bluetooth-enabled device is up to date. And maybe, just maybe, going forward think twice about sending sensitive data over Bluetooth. Find a friend that can keep a secret.
Langdock raises $3M with General Catalyst to help businesses avoid vendor lock-in with LLMs
“Hanky Panky” review: A deeply delirious stoner comedy
Internet users are getting younger; now the UK is weighing up if AI can help protect them
Taylor Swift’s ‘The Tortured Poets Department’ rollout reveals her inability to trust the listener
Dating culture has become selfish. How do we fix it?
Screen Skinz raises $1.5 million seed to create custom screen protectors
Consumer Financial Protection Bureau fines BloomTech for false claims
‘Big is moving to Paris’: Carrie Bradshaw discourse reignites as ‘Sex and the City’ hits Netflix
Klarna credit card launches in the US as Swedish fintech grows its market presence
How to set boundaries in the early stages of dating
Apple sued, Microsoft’s AI ambitions and Nvidia’s surprises
TechCrunch Mobility: The wheels are starting to come off the Fisker EV bus
Lordstown Motors’ ousted CEO settles with SEC for misleading investors
DOJ’s Apple antitrust case neatly aligns with EU on one key point: NFC and mobile payments
Amazon Big Spring Sale 2024: Shop 350+ deals on Apple, robot vacuums, security cameras, more
What is the three-body problem in ‘3 Body Problem’?
Maju Kuruvilla is out as CEO of one-click checkout company Bolt
API startup Noname Security nears $500M deal to sell itself to Akamai
US think tank Heritage Foundation hit by cyberattack
Where’s the AI in these ‘AI-powered’ products for your home?
Langdock raises $3M with General Catalyst to help businesses avoid vendor lock-in with LLMs
“Hanky Panky” review: A deeply delirious stoner comedy
Internet users are getting younger; now the UK is weighing up if AI can help protect them
Taylor Swift’s ‘The Tortured Poets Department’ rollout reveals her inability to trust the listener
Dating culture has become selfish. How do we fix it?
Screen Skinz raises $1.5 million seed to create custom screen protectors
Consumer Financial Protection Bureau fines BloomTech for false claims
‘Big is moving to Paris’: Carrie Bradshaw discourse reignites as ‘Sex and the City’ hits Netflix
Klarna credit card launches in the US as Swedish fintech grows its market presence
How to set boundaries in the early stages of dating
-
Business7 days agoAPI startup Noname Security nears $500M deal to sell itself to Akamai
-
Entertainment6 days agoNASA discovered bacteria that wouldn’t die. Now it’s boosting sunscreen.
-
Entertainment7 days agoHow to watch ‘Argylle’: When and where is it streaming?
-
Business6 days agoTesla drops prices, Meta confirms Llama 3 release, and Apple allows emulators in the App Store
-
Business5 days agoTechCrunch Mobility: Cruise robotaxis return and Ford’s BlueCruise comes under scrutiny
-
Entertainment5 days ago‘The Sympathizer’ review: Park Chan-wook’s Vietnam War spy thriller is TV magic
-
Business4 days agoTesla layoffs hit high performers, some departments slashed, sources say
-
Business4 days agoMeta to close Threads in Turkey to comply with injunction prohibiting data-sharing with Instagram
